complete polkit-auth functionality
authorkremlin <ian@kremlin.cc>
Sat, 16 Aug 2014 05:08:08 +0000 (00:08 -0500)
committerkremlin <ian@kremlin.cc>
Sat, 16 Aug 2014 05:08:08 +0000 (00:08 -0500)
polkit-auth exposes one function taking an alleged unique bus name
and alleged action name (id) and returns an enum describing if and
how action is authorized.

src/polkit-auth.c
src/polkit-auth.h

index 2e4178f0e7ca9b7575280b520c153acb31fd9c0d..31320a918565e596747d5333ddf77b5a74d1a395 100644 (file)
 
 #include "polkit-auth.h"
 
-void test_func() {
-    g_printf("test!\n");
+static gboolean is_valid_action(GList *action_list, const gchar *action) {
+
+    PolkitActionDescription *action_descr;
+    action_descr = (PolkitActionDescription *)g_list_first(action_list);
+
+    while((action_descr = (PolkitActionDescription *)g_list_next(action_list)))
+        if(!g_strcmp0(action, polkit_action_description_get_action_id(action_descr)))
+            return TRUE;
+
+    return FALSE;
+}
+
+check_auth_result polkit_try_auth(const gchar *bus, const gchar *action) {
+
+    GList           *valid_actions;
+    PolkitAuthority *auth;
+    PolkitSubject   *subj;
+    PolkitAuthorizationResult *result;
+    gboolean authorized, challenge;
+
+    auth  = NULL;
+    subj  = NULL;
+    result = NULL;
+    valid_actions = NULL;
+    authorized = challenge = FALSE;
+
+    auth = polkit_authority_get_sync(NULL, NULL); /* TODO timeout for this */
+    subj = polkit_system_bus_name_new(bus);
+    valid_actions = polkit_authority_enumerate_actions_sync(auth, NULL, NULL);
+
+   if(!auth || !valid_actions)
+        return ERROR_GENERIC; /* extremely unlikely */
+    else if(!subj)
+        return ERROR_BADBUS;
+    else if(!is_valid_action(valid_actions, action))
+        return ERROR_BADACTION;
+
+   if(!(result = polkit_authority_check_authorization_sync(auth, subj, action, NULL, POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, NULL, NULL)))
+        return ERROR_GENERIC; /* TODO pass, check gerror and return more relevant error */
+
+    authorized = polkit_authorization_result_get_is_authorized(result);
+    challenge = polkit_authorization_result_get_is_challenge(result);
+
+    /* free()'s before return */
+    if(valid_actions)
+        g_object_unref(valid_actions);
+    if(auth)
+        g_object_unref(auth);
+    if(subj)
+        g_object_unref(subj);
+    if(result)
+        g_object_unref(result);
+
+    if(authorized) {
+
+        if(challenge)
+            return AUTHORIZED_BY_PROMPT;
+        
+        return AUTHORIZED_NATIVELY;
+
+    } else if(challenge)
+        return UNAUTHORIZED_FAILED_PROMPT;
+
+    return UNAUTHORIZED_NATIVELY;
 }
index 17a919b92cfc932aace6ee01dd52d278539e5b72..b672e67b06f627c3197c47c7a2a1553a442cf4e1 100644 (file)
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+typedef enum {
+    AUTHORIZED_NATIVELY,   AUTHORIZED_BY_PROMPT,
+    UNAUTHORIZED_NATIVELY, UNAUTHORIZED_FAILED_PROMPT,
+    ERROR_BADBUS, ERROR_BADACTION, ERROR_GENERIC
+} check_auth_result;
 
-void test_func();
+check_auth_result polkit_try_auth(const gchar *bus, const gchar *action);